Get Affordable Confidentiality - Integrity and Availability Assignment Help Service From Proficient Expertsminds Tutors

Home   Course  
Previous << || >> Next

Confidentiality, Integrity and Availability Assignment -

Question - CIA is the underlying concept of providing uninterrupted, continuous and reliable access to information resources. Critically examine the CIA concept identifying the strengths and weaknesses of it and compare and contrast it against other similar models.


Answer -


The report includes the concepts of the CIA which helps in providing the uninterrupted and the reliable access for the information resources. CIA is one of the independent agency which is responsible for providing the national security intelligence for the US policy makers. The nominations are done with the advice and the consent of the Senate where the management is done on the operations, budget and the personnel (Rady et al., 2019). CIA use the principal foreign intelligence of the US government to handle the counterintelligence efforts that have been conducted by FBI.

Examination of the CIA concepts

CIA is Confidentiality, Integrity and Availability triad of information security where the information security model is able to evaluate the organization security. This highlights about:

Confidentiality: The assurance is about the data and the information system which is being accessed by only the authorized people (Sumra et al., 2015). The user id and the password with the access control lists or the policy-based security are some of the effective methods for achieving confidentiality.

Integrity: This is to ensure that the data and the information can easily be trusted. It ensures about the editing which is through the authorizing of the people and then handling the data encryption algorithms which is key process for the different integrity standards (Van Bulck et al., 2016).

Availability: This highlights about the data and information where the availability of data is depending upon the hardware maintenance and the software patching or the upgradation with network optimization that ensures the availability (Adlossary et al., 2016).

Strengths and the weakness

The strengths of CIA for the cybersecurity includes the privacy measures where the assurance is about the confidentiality which is for preventing any information which is sensitive from reaching the wrong people. It helps in accessing the information which must be restricted for those who are authorized to view the data in question (Kajiura et al., 2015). This is common that there are data sectors which are categorized according to the amount and the damage type which can fall under the unintended hands. The measures need to be taken for involving the stringent categories with safeguarding the data confidentiality which involves the special training for those privy to such documents (Kumar et al., 2015). The training includes the security risks that leads to the threatening of the information. Hence, training can help in familiarizing the authorized people with the different risks factors. The aspects are related to the strong passwords and the password related practices which are mainly to prevent the problem from bending any data handling rules with complete proper intentions. The example is the data encryption, biometric verification and the security tokens (Dorri et al., 2017).


The strengths of the integrity are to involve the maintaining of consistency and the accuracy of the data over the life data cycle. The data must not be changes and needs to be ensured about the alternations by any unauthorized people, in case of the breach. The measures include the user access control. The data might include the checksums and the cryptographic checkups. The backs and the redundancies are for restoring the data affected (Gaetani et al., 2017).

The availability is to ensure about maintaining the hardware, with performing the repairs which are needed to maintain the functional operations. This needs to be worked upon for the necessary system upgrades and then handling the bottlenecks which are important (Glanzer et al., 2016). The redundancy, failover and the RAID are considered important that can mitigate any of the consequences when the hardware issues tend to occur. The safeguard against the data loss or the interruptions in the connections needs to focus on the occurrences and a backup copy might need to be stored with the geographical isolated location (Boudguiga et al., 2017). The extra security is needed for the firewalls and the proxy servers which can be considered as a guard against the downtime with unreachable data mainly due to the malicious actions like the denial-of-service attacks or network intrusions.

The challenges are related to the big data where there are challenges are about the CIA paradigm where there are sheer volume of information which needs to be safeguarded. There are duplicity of the data sets and then there are disaster recover plans and then work on the duplicity data sets. The major concern of the big data includes the collection of the different information with the interpretation and then handling the responsible data with the whistleblower (Jouini et al., 2019). The privacy of IoT is considered important to protect the individual information from the exposure of IoT. The unique identifier includes the ability to communicate with the working over the endpoint which might not cause any of the privacy issues. The security standards are defined for IoT challenges because IoT consists of the Internet enabled computers where there are un-patching and then configuration with the default or the weak passwords.

IoT is based on the internet services where the internet enabled devices helps in handling the separate attack vectors or the parts of the thing bot (Alsulami et al., 2015). The proof-of-concept exploit is where the researchers have been able to demonstrate about the network that can be compromised through Wi-Fi.


The weakness are related to the concern about the information (Melrose et al., 2016). The core factor is about how IT security needs to handle the limited view of the security measures where there is ignorance of some additional and importance factors. The Availability ensures that there is no loss of access for the resources and one needs to provide the information, as per the requirement. But there are no ways to guarantee that someone else is not making any of the unauthorized use of the hardware resources. The problems are also related to the planning and implementing the good security policy where there is a need to understand the principles as well. The limitations of the security policy requirements needs to be considered as well.

Contrast against the other models

The other models are the computer security model which includes the scheme for identifying and enforcing the different security policies. There is a possibility to focus on the access rights, the model of computation and the distributed computing as well (Lewandowsky et al., 2016).

The threat modelling is defined for the structural vulnerabilities which can easily be identified, enumerated and prioritized. The seekers need to focus on how the people are able to handle the different threats and avoid any possible accidents. The threat model helps in analyzing the risks with the threats and the enumeration mitigation controls which are depending upon the methodological basis. Some of the tools are Microsoft free threat modelling tool which helps in identifying the threats based on STRIDE.

CIAAN Model is about

a. Confidentiality: This is for ensuring the privacy of the data. The disclosures of the unauthorized entities with the network sniffing leads to violation of the confidentiality.

b. Integrity: The data non-alteration is about how the assurance of information needs to be done from the origin to the reception. The source integrity highlights about the sender of the information where the data needs to be there. It includes the compromising of the information where it is corrupted or altered. The digital signatures and the hash algorithms are mainly for providing the data integrity.

c. Availability: The data availability is the assurance of the timely and the reliable access for the different services for the authorized users. Here, the focus is on the reliability of the data and the time which is needed for the performance of the task. The attackers need to handle the resources and plan about handling the Denial of Service. The high availability of the protocols with full redundancy of the network architectures have to be worked upon without any single failure point.

d. Authenticity: This comes with the data assurance and the transactions which needs to be made at the time of making the communication.

e. Non-Repudiation: The standards are set to achieve through the cryptographic methods which helps in preventing the entity or from the denial of a particular action which is related to the proof of obligation or the intent. The signing off the document is the case where the signer is responsible for the approval of the document which needs to be signed.


The model of CIA is helpful for understanding the cybersecurity standards where there is a proper analysis of how the users are able to access the internet history to the security of the data encryption (Sumra et al., 2015). The confidentiality will help in hiding the information from the people who are unauthorized to view it. The CIA triad comes with focusing on the cryptography and the encryption methods where the attempt is made to ensure that the data is transferred from one to the other computer. The integrity is about the ability to ensure that the data accuracy or the unchanged representation of the original secured information needs to be handled. The security attack is mainly to handle the interception of important data and make changes before it is being sent to the intended receiver.


Tag This :- EM201911AYO413CASE Confidentiality - Integrity and Availability Assignment Help

get assignment Quote

Assignment Samples

Get Academic Excellence with Best Skilled Tutor! Order Assignment Now! Submit Assignment